JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 59.38.131.149

59.38.131.149 was found in our database!

This IP was reported 232 times. Confidence of Abuse is 100%: ?

100%

ISP	CHINANET Guangdong province network
Usage Type	Fixed Line ISP
ASN	AS4134
Domain Name	chinatelecom.cn
Country	🇨🇳 China
City	Shenzhen, Guangdong

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 59.38.131.149

Whois 59.38.131.149

IP Abuse Reports for 59.38.131.149:

This IP address has been reported a total of 232 times from 173 distinct sources. 59.38.131.149 was first reported on April 4th 2026, and the most recent report was 35 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-06-04 07:32:56 (13 hours ago)	Jun 4 10:29:12 38 sshd[2264039]: Invalid user dev from 59.38.131.149 port 46428 Jun 4 10:29:42 38 ... show more Jun 4 10:29:12 38 sshd[2264039]: Invalid user dev from 59.38.131.149 port 46428 Jun 4 10:29:42 38 sshd[2264043]: Invalid user frappe from 59.38.131.149 port 52078 Jun 4 10:30:16 38 sshd[2264060]: Invalid user junior from 59.38.131.149 port 57722 Jun 4 10:30:46 38 sshd[2264063]: Invalid user sambauser from 59.38.131.149 port 35144 Jun 4 10:32:56 38 sshd[2264085]: Invalid user clamav from 59.38.131.149 port 57714 ... show less	Brute-Force SSH
🇨🇭 ScanThe.Net	2026-06-04 07:21:15 (13 hours ago)	ID: 3851198519 \| PORT: 39829 \| https://59-38-131-149.scanthe.net	Port Scan
🇨🇭 ScanThe.Net	2026-06-04 05:53:36 (14 hours ago)	ID: 3849592277 \| PORT: 36036 \| https://59-38-131-149.scanthe.net	Port Scan
🇩🇪 hispasign	2026-06-04 05:40:08 (15 hours ago)	SSH Bruteforce Attempt [node 3]	Brute-Force SSH
🇨🇭 ScanThe.Net	2026-06-04 05:07:15 (15 hours ago)	ID: 3848716695 \| PORT: 8935 \| https://59-38-131-149.scanthe.net	Port Scan
🇩🇪 Richie	2026-06-04 04:21:44 (16 hours ago)	[HOST1] Port Scan detected	Port Scan
🇩🇪 arc21	2026-06-04 02:30:22 (18 hours ago)	2026-06-04T02:27:02.148037+00:00 Dokploy sshd[3570929]: Invalid user infinity from 59.38.131.149 por ... show more 2026-06-04T02:27:02.148037+00:00 Dokploy sshd[3570929]: Invalid user infinity from 59.38.131.149 port 33792 2026-06-04T02:27:36.191314+00:00 Dokploy sshd[3570991]: Invalid user parth from 59.38.131.149 port 42846 2026-06-04T02:28:10.329578+00:00 Dokploy sshd[3571064]: Invalid user vmuser from 59.38.131.149 port 51568 2026-06-04T02:29:50.689775+00:00 Dokploy sshd[3571291]: Invalid user koha from 59.38.131.149 port 50588 2026-06-04T02:30:21.238224+00:00 Dokploy sshd[3571357]: Invalid user gituser from 59.38.131.149 port 58764 ... show less	Brute-Force SSH
🇨🇳 Indexyz	2026-06-04 01:44:33 (19 hours ago)	2026-06-04T09:41:01.567697+08:00 hostname sshd-session[145450]: Invalid user admin from 59.38.131. ... show more 2026-06-04T09:41:01.567697+08:00 hostname sshd-session[145450]: Invalid user admin from 59.38.131.149 port 34508 2026-06-04T09:42:49.864765+08:00 hostname sshd-session[145500]: Connection from 59.38.131.149 port 54742 on 10.89.160.7 port 22 rdomain "" 2026-06-04T09:42:50.105514+08:00 hostname sshd-session[145500]: Invalid user jack from 59.38.131.149 port 54742 2026-06-04T09:44:31.977300+08:00 hostname sshd-session[145590]: Connection from 59.38.131.149 port 46716 on 10.89.160.7 port 22 rdomain "" 2026-06-04T09:44:32.220269+08:00 hostname sshd-session[145590]: Invalid user username from 59.38.131.149 port 46716 show less	Brute-Force SSH
🇩🇪 ipcop.net	2026-06-04 01:40:35 (19 hours ago)	2026-06-04T03:31:14.113860+02:00 router02.wira-gmbh.de sshd[3891584]: Invalid user u1 from 59.38.131 ... show more 2026-06-04T03:31:14.113860+02:00 router02.wira-gmbh.de sshd[3891584]: Invalid user u1 from 59.38.131.149 port 38460 2026-06-04T03:31:14.299763+02:00 router02.wira-gmbh.de sshd[3891584]: Disconnected from invalid user u1 59.38.131.149 port 38460 [preauth] 2026-06-04T03:39:38.693989+02:00 router02.wira-gmbh.de sshd[3893901]: Invalid user user10 from 59.38.131.149 port 53948 2026-06-04T03:39:38.901782+02:00 router02.wira-gmbh.de sshd[3893901]: Disconnected from invalid user user10 59.38.131.149 port 53948 [preauth] 2026-06-04T03:40:35.070799+02:00 router02.wira-gmbh.de sshd[3894390]: Connection closed by 59.38.131.149 port 35844 [preauth] show less	Brute-Force
🇺🇸 COMPLEX	2026-06-04 00:56:35 (19 hours ago)	Banned by Multi Agent · node …mie7 · attempts=5 · SSH brute-force / scan	Brute-Force SSH
🇵🇹 facha	2026-06-04 00:22:32 (20 hours ago)	Cowrie Honeypot: 10 unauthorised SSH/Telnet login attempts between 2026-06-03T23:50:00Z and 2026-06- ... show more Cowrie Honeypot: 10 unauthorised SSH/Telnet login attempts between 2026-06-03T23:50:00Z and 2026-06-04T00:22:32Z show less	Brute-Force SSH
🇳🇱 xTom	2026-06-04 00:05:45 (20 hours ago)	2026-06-04T00:00:04.296834+00:00 cdn-nl sshd[280160]: Invalid user ftpuser2 from 59.38.131.149 port ... show more 2026-06-04T00:00:04.296834+00:00 cdn-nl sshd[280160]: Invalid user ftpuser2 from 59.38.131.149 port 41558 2026-06-04T00:04:19.227438+00:00 cdn-nl sshd[280195]: Invalid user howard from 59.38.131.149 port 60964 2026-06-04T00:05:44.510306+00:00 cdn-nl sshd[280214]: Invalid user mcserver from 59.38.131.149 port 48610 ... show less	Brute-Force SSH
Anonymous	2026-06-04 00:01:07 (20 hours ago)	2026-06-04T01:51:03.227971 www.yerkanian.com sshd[818970]: pam_unix(sshd:auth): authentication failu ... show more 2026-06-04T01:51:03.227971 www.yerkanian.com sshd[818970]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.38.131.149 2026-06-04T01:51:05.339971 www.yerkanian.com sshd[818970]: Failed password for invalid user fran from 59.38.131.149 port 52322 ssh2 2026-06-04T01:55:21.700887 www.yerkanian.com sshd[818998]: Invalid user user from 59.38.131.149 port 43500 2026-06-04T01:55:21.706792 www.yerkanian.com sshd[818998]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.38.131.149 2026-06-04T01:55:23.904162 www.yerkanian.com sshd[818998]: Failed password for invalid user user from 59.38.131.149 port 43500 ssh2 2026-06-04T02:01:01.386415 www.yerkanian.com sshd[819041]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.38.131.149 user=root 2026-06-04T02:01:03.593624 www.yerkanian.com sshd[819041]: Failed password for root from 59.38.131.149 port 50552 ssh2 ... show less	Brute-Force SSH
🇩🇪 ipcop.net	2026-06-03 22:30:30 (22 hours ago)	2026-06-04T00:23:34.788699+02:00 gw9.nodesafety.com sshd-session[229599]: Invalid user jenkins from ... show more 2026-06-04T00:23:34.788699+02:00 gw9.nodesafety.com sshd-session[229599]: Invalid user jenkins from 59.38.131.149 port 49204 2026-06-04T00:23:35.046526+02:00 gw9.nodesafety.com sshd-session[229599]: Disconnected from invalid user jenkins 59.38.131.149 port 49204 [preauth] 2026-06-04T00:29:44.663107+02:00 gw9.nodesafety.com sshd-session[230560]: Invalid user spider from 59.38.131.149 port 47188 2026-06-04T00:29:44.977826+02:00 gw9.nodesafety.com sshd-session[230560]: Disconnected from invalid user spider 59.38.131.149 port 47188 [preauth] 2026-06-04T00:30:24.426072+02:00 gw9.nodesafety.com sshd-session[230675]: Disconnected from authenticating user root 59.38.131.149 port 58520 [preauth] show less	Brute-Force
🇺🇸 jennij	2026-06-03 22:29:39 (22 hours ago)	Fail2Ban sshd ban on luckymc.gg ...	Brute-Force SSH

Showing 16 to 30 of 232 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 222.86.15.209

🇩🇪 217.70.192.102

🇯🇵 203.137.76.198

🇺🇸 152.39.218.15

🇨🇳 139.205.155.116

🇸🇬 47.79.10.38

🇺🇸 45.33.75.28

🇺🇿 5.133.121.104

🇧🇪 2a00:1450:400c:c1b::12d

🇰🇷 222.118.151.208

🇰🇷 222.98.122.37

🇧🇪 198.235.24.251

🇪🇹 196.191.142.67

🇺🇸 162.216.149.78

🇨🇳 123.245.85.157

🇩🇪 69.5.169.206

🇹🇷 45.11.97.227

🇺🇸 216.25.89.122

🇺🇸 209.141.57.35

🇳🇵 203.9.211.71